Explore a cutting-edge code injection technique called AtomBombing in this 27-minute conference talk from Security BSides San Francisco. Discover how this method exploits Windows atom tables and Async Procedure Calls (APC) to bypass common security solutions. Learn about the technique's impact on all Windows versions, including Windows 10 and Windows 7, and understand why it cannot be easily patched due to its reliance on core operating system mechanisms rather than flawed code. Gain insights into the challenges of detecting and preventing this infiltration method, which was undetectable by many security solutions at the time of its release in October 2016.
Overview
Syllabus
BSidesSF 2017 - AtomBombing: Injecting Code Using Windows’ Atoms (Tal Liberman)
Taught by
Security BSides San Francisco
Related Courses
-
Abusing Security Products to Bypass Windows Protections
-
BADPDF - Stealing Windows Credentials via PDF Files
-
One-Click Code Fix - Securing Code Using AI
-
Windows Systems and Code Signing Protection
-
Injection on Steroids - Code-less Code Injections and 0-Day Techniques
-
Analysis of the Attack Surface of Windows 10 Virtualization-Based Security
